Submissions

Date range button:

First seen:

Last seen:

No	Date	Request	Urls	Hosts	IDS	Score	Zero	VT	Player
10171	2021-05-20 16:41	mn.exe f421782c826203212a35308f4b155bad AsyncRAT backdoor PWS .NET framework Malicious Library SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows utilities suspicious process WriteConsoleW Windows ComputerName DNS crashed				11.0	M	38	ZeroCERT

10172	2021-05-20 16:35	fax_Documents.exe 5e9c34075c2eb3d3db131e1227383f1e Malicious Packer .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Check memory Checks debugger unpack itself	3 Keyword trend analysis			2.2		34	ZeroCERT

10173	2021-05-20 15:18	k5dy7ow2EwylXhP.exe a1fbfc2302350826dd8fe8576b9db9cd PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.8	M	23	ZeroCERT

10174	2021-05-20 10:17	skyex.exe 319aa3ef09635ec5a3e4a34b11a532fc AsyncRAT backdoor PWS .NET framework SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed				9.2	M	43	ZeroCERT

10175	2021-05-20 10:17	wp.exe 38867e376e58b17041629a08476959fe PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself DNS crashed				2.8	M	4	ZeroCERT

10176	2021-05-20 10:13	damianox.exe bce8e13b13ee7afcce01c1b5d98b589a PWS .NET framework Malicious Packer SMTP KeyLogger AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself Windows ComputerName crashed				9.2	M	42	ZeroCERT

10177	2021-05-20 10:12	k5dy7ow2EwylXhP.exe a1fbfc2302350826dd8fe8576b9db9cd PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.8	M	23	ZeroCERT

10178	2021-05-20 10:10	lc3em0zAh4dJV1c.exe 9f5894fc929c4c147d6ebb4c49c1447c NPKI PWS .NET framework Malicious Library .NET EXE PE File PE32 VirusTotal Malware Check memory Checks debugger unpack itself Windows DNS Cryptographic key				2.8	M	23	ZeroCERT

10179	2021-05-20 10:09	H2AymTOp.txt 6281865f1e7a60eca71ecce24d777c59 AsyncRAT backdoor PWS .NET framework DNS AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware Buffer PE suspicious privilege MachineGuid Code Injection Malicious Traffic Check memory Checks debugger buffers extracted unpack itself Windows utilities Check virtual network interfaces suspicious process WriteConsoleW human activity check Tofsee Windows ComputerName DNS DDNS	1 Keyword trend analysis	5	2	15.8	M	21	ZeroCERT

10180	2021-05-20 10:04	payload.exe 8d5a68faee4b8e327317a3d58e7c3cca AgentTesla AsyncRAT backdoor PWS .NET framework Malicious Library DGA DNS Socket Create Service Sniff Audio HTTP Escalate priviledges KeyLogger FTP Code injection Http API Internet API Steal credential ScreenShot Downloader P2P AntiDebug AntiVM .NET EXE P Dridex TrickBot VirusTotal Malware AutoRuns Code Injection Windows utilities suspicious process AppData folder WriteConsoleW Kovter Windows ComputerName DNS		1	1	5.6	M	38	ZeroCERT

10181	2021-05-20 09:56	dsd.exe a2514fac953de1e31ece31471716c852 Gen2 PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself DNS crashed				2.8	M	4	ZeroCERT

10182	2021-05-20 09:49	FD1.exe 36f95f7e28e486ef9f48990e23a71ab0 Gen2 PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself crashed				2.2	M	5	ZeroCERT

10183	2021-05-20 09:47	dsd.exe a2514fac953de1e31ece31471716c852 Gen2 PE64 PE File OS Processor Check VirusTotal Malware PDB RWX flags setting unpack itself crashed				2.2		4	ZeroCERT

10184	2021-05-20 09:47	xcload.exe 5215dde464e1fbadbe4e7a59927a73b4 Malicious Library AntiDebug AntiVM .NET EXE PE File PE32 VirusTotal Malware PDB suspicious privilege Code Injection Check memory Checks debugger buffers extracted unpack itself DNS				7.8		14	ZeroCERT

10185	2021-05-20 09:44	terret.exe 25eb15c44373fbe160c8a8307a784b9f PE64 PE File VirusTotal Malware AutoRuns Check memory Creates executable files ICMP traffic unpack itself Windows utilities sandbox evasion Windows ComputerName DNS		1		7.4		22	ZeroCERT